Reputation: 115
libsodium crypto_sign_open returns unsigned message adding some characters
In my C++ project I'm using libsodium library to create and verify the signature of a message.
To verify the signature I'm using the libsodium crypto_sign_open function in this way
bool Signature::signatureVerification(const char* content, unsigned char* unsigned_message)
{
bool verified;
unsigned long long unsigned_message_len;
if (crypto_sign_open(unsigned_message, &unsigned_message_len, (const unsigned char *)content, signed_message_len, pk) != 0)
{
verified = false;
std::cout << "incorrect signature " << std::endl;
}
else{
verified = true;
}
//print variable unsigned_message
return verified;
}
If I "print" the variable unsigned_message I get the unsigned message followed by some characters coming from the signature. For example, if the message is 'hello', after the signature verification I get 'hello�*�'.
For now I "solved" the issue using the original length of the message (stored in the variable unsigned_message_len) to truncate the message returned by the function.
What could be the issue? Why in the unsigned_message variable there are some additional characters and not only the original message?
Thanks
Upvotes: 2
Views: 413
Answers (2)
Reputation: 1501
For starters, unsigned_message should have been preallocated in order to receive unsigned_message_len bytes.
Is it the case? Your code snippet doesn't show that part.
Did the length of the original message include the terminating \0?
If you used strlen(), it is not the case, so printing it will print your string, followed that anything until there's (by accident) a \0 byte somewhere in memory. Or until it hits a guard page and crashes.
The issue is not really about signatures here. Strings must be zero-terminated if they don't have an explicit length.
Upvotes: 0
Reputation: 56
That is because you don't have a null terminator, try adding + 1 after unsigned_message wherever that is being printed from. Your code obviously is going to print random characters out after the text because it is 'unisgned' meaning it does not have a signed data bit value. + 1 should terminate the random symbols.
Upvotes: 3
Related Questions
- C++, libsodium, strange key
- How to sign a file via Crypto++ and RSA
- cryptlib cryptSignCert fails
- OpenSSL C++ RSA sign is different from command line sign
- RSASSA_PKCS1v15_SHA_Signer and PK_SignatureScheme::KeyTooShort exception
- Issues about the signedness of char
- ECDSA Not Signing/Verifying Correctly
- Java digital signature and C++ CryptSignMessage lead to different results
- OpenSSL EVP_DigestSignFinal segfault
- Sign a string in an open source code